Closed Bug 221883 Opened 21 years ago Closed 21 years ago

file:// protocol fails if file to be opened is local and link is on a page served remotely

Categories

(Core Graveyard :: File Handling, defect)

Product:
Core Graveyard
Component:
File Handling
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED INVALID

People

(Reporter: throwaway5523, Unassigned)

References

Details

User-Agent:       Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4) Gecko/20030624
Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4) Gecko/20030624

I have a LAN with a Win2000/Apache server and a MacOSX client. A page served by
Apache contains a link "file:///VolumeName/filename.html", where the file is a
valid file path on the CLIENT machine. Clicking the link does not work, and no
error message is displayed. (Internet Explorer and Safari correctly display the
file.) If the file URL is copied and pasted into the URL box at the top of the
page, and I hit RETURN, the file opens correctly. If the served page source HTML
is copied to the client machine and opened in Mozilla, the link works and the
local file opens.

Reproducible: Always

Steps to Reproduce:
1. Create an HTML page with a file link ("file://...") to a valid file on a
client machine running Mozilla; place that HTML page on a server.
2. Open that page from the client machine.
3. Click the link.

Actual Results:  
No file displayed, no error message of any kind.

Expected Results:  
It should display the page at the specified URL.
Quoted form the release notes :

For security reasons, Mozilla does not allow web content to link to local files.
An error like "Security Error: Content at url may not load or link to
file:///something" will appear in the javascript console. If you need to follow
links to local paths it is recommended that you drag the link to the location
bar and then drop it on the webpage. If you really don't like the security check
and are willing to risk all files on your system and that your system can access
then you may add the following line to user.js in your personal profile
directory. user_pref("security.checkloaduri", false); (see Bug 84128)
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → INVALID
v

Why do they write release notes if you don't read them ?
Status: RESOLVED → VERIFIED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.